Should I learn how authentication like jwt or ouath works or just know how to use the built in authentication system in my framework or okta or some other authentication service

  • 5
    Even if you use okta, you should understand the principles listed. There's not much to it, but doing it right is tedious.
  • 5
    If it was me, I would rip it apart and learn it E2E, but then I've come to realise a great many devs these days don't learn the finer details of what they are using - how the tables have turned over the years.
  • 0
  • 1
    I found it useful to learn the difference between implicit flow and authorization code flow. Like mentioned, the chain of events involved and not so much a specific implementation in code.

    When there's an addition to the team and they are even just vaguely aware of it "existing" it's a huge help compared to someone who needs an onboarding process to explain why we don't store the user password in the frontend and pass it in every request.
Add Comment